Rei : A Policy Specification Language

April 1, 2002 - May 1, 2005

Security is a critical problem in dynamic and open distributed
environments such as those enabled by the semantic web and pervasive computing technologies. The presence of heterogeneous entities that
are neither pre-determined nor permanent, and the lack of central
control are some of its challenges. We believe that declarative
policies address this problem while maintaining openness and
flexibility. We propose the use of policies defined in OWL to
constrain the behavior of entities in these environments as OWL
provides the extensibility required to incorporate varied
application-specific knowledge.

Rei is a policy language based in OWL-Lite that allows policies to be
specified as constraints over allowable and obligated actions on resources in the environment. Rei also includes logic-like variables giving it the flexibility to specify relations like role value maps that are not directly possible in OWL. Rei includes meta policy
specifications for conflict resolution, speech acts for remote policy management and policy analysis specifications like what-if analysis and use-case management making it a suitable candidate for adaptable
security in the environments under consideration. The Rei engine,
developed in XSB, reasons over Rei policies and domain knowledge in RDF and OWL to provide answers about the current permissions and obligations of an entity, which are used to guide the entity's behavior.